﻿<%@ WebHandler Language="C#" Class="HandlerUserLogin" %>

using System;
using System.Web;
using System.Linq;
using Newtonsoft.Json;
using System.Web.SessionState;
using System.Web.Security;

public class HandlerUserLogin : IHttpHandler , IRequiresSessionState {
    
    public void ProcessRequest (HttpContext context) {

        LinkToDatabase db = new LinkToDatabase();
        User us = null;
        switch (context.Request.Form["status"])
        {
            case "login":
                string name = context.Request.Form["name"];
                string pwd = context.Request.Form["password"];

                us = db.GetUserInfo(name);
        
                if (us != null)
                {
                    bool userVisible = us.Visible;
                    if (userVisible)
                    {
                        string salt = us.Random;
                        string dbPassword = us.Password;
                        string hashPassword = FormsAuthentication.HashPasswordForStoringInConfigFile( pwd + salt , "sha1");
                        if (hashPassword == dbPassword)
                        {
                            context.Response.Cookies["u_id"].Value = us.ID.ToString();
                            context.Session["login"] = "ok";
                
                            context.Response.ContentType = "application/json";
                            context.Response.Write(JsonConvert.SerializeObject(us));
                        }
                        else
                        {
                            context.Response.ContentType = "text/plain";
                            context.Response.Write("null");
                        }
                    }
                    else
                    {
                        context.Response.ContentType = "text/plain";
                        context.Response.Write("jailed");
                    }
                }
                else
                {
                    context.Response.ContentType = "text/plain";
                    context.Response.Write("null");
                }   
                break;
                
            case "load":
                int id = Convert.ToInt32(context.Request.Cookies["u_id"].Value);
                us = db.GetUserInfo(id);
                context.Response.ContentType = "application/json";
                context.Response.Write(JsonConvert.SerializeObject(us));
                break;
                
            case "getPwd":
                string nameFg = context.Request.Form["name"];
                string emailFg = context.Request.Form["email"];


                bool isSendPwdSuccess = db.GetUserPwd(nameFg, emailFg);

                if (isSendPwdSuccess)
                {
                    context.Response.ContentType = "text/plain";
                    context.Response.Write("success");
                }
                else
                {
                    context.Response.ContentType = "text/plain";
                    context.Response.Write("failed");
                }   
                break;
                
            case "signOut":
                context.Session.Contents.Remove("login");
                break;
        }
       
    }
 
    public bool IsReusable {
        get {
            return false;
        }
    }

}